Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\MicrosoftDhcpService] 'ImagePath' = '<SYSTEM32>\srvany.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\MicrosoftDhcpService] 'Start' = '00000002'
- '<SYSTEM32>\cmd.exe' /c sc start MicrosoftDhcpService
- '<SYSTEM32>\instsrv.exe' MicrosoftDhcpService <SYSTEM32>\srvany.exe
- '<SYSTEM32>\sc.exe' start MicrosoftDhcpService
- '%WINDIR%\system\svchost.exe'
- '<SYSTEM32>\srvany.exe'
- '<SYSTEM32>\cmd.exe' /c instsrv MicrosoftDhcpService <SYSTEM32>\srvany.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\mgmmt.exe
- '%TEMP%\uTorrentPROPortable_3.4.8.42449.exe'
- '%TEMP%\mgmmt.exe'
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name="Microsoft DHCP" dir=in action=allow program="%WINDIR%\system\svchost.exe" enable=yes
- '<SYSTEM32>\cmd.exe' /c netsh advfirewall firewall add rule name="Microsoft DHCP" dir=in action=allow program="%WINDIR%\system\svchost.exe" enable=yes
- %WINDIR%\svchost.exe
- <SYSTEM32>\instsrv.exe
- <SYSTEM32>\srvany.exe
- %WINDIR%\system\svchost.exe
- %TEMP%\mgmmt.exe
- %TEMP%\uTorrentPROPortable_3.4.8.42449.exe
- %WINDIR%\system\everything.ini
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'AutoHotkey' WindowName: '%TEMP%\mgmmt.exe'